diff --git a/.circleci/config.yml b/.circleci/config.yml
index 3aea373bf..f076db763 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -278,14 +278,14 @@ workflows:
           - build_and_test
           - sam_build
           context: [ deployment-development-wcivf, slack-secrets ]
-          filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } }
+          filters: { branches: { only: [ main, master, staging, fix-cache ] } }
       - post_deploy_tests:
           name: post_deploy_tests_development
           dc-environment: development
           requires:
             - sam_deploy_development
           context: [ deployment-development-wcivf, slack-secrets ]
-          filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } }
+          filters: { branches: { only: [ main, master, staging, fix-cache ] } }
       - code_deploy:
           name: code_deploy_development
           dc-environment: development
@@ -295,7 +295,7 @@ workflows:
           requires:
           - post_deploy_tests_development
           context: [ deployment-development-wcivf, slack-secrets ]
-          filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } }
+          filters: { branches: { only: [ main, master, staging, fix-cache ] } }
       - sam_deploy:
           name: sam_deploy_staging
           dc-environment: staging
diff --git a/sam-template.yaml b/sam-template.yaml
index 90a836556..837815f2c 100644
--- a/sam-template.yaml
+++ b/sam-template.yaml
@@ -528,16 +528,13 @@ Resources:
           SslSupportMethod: sni-only
 
         DefaultCacheBehavior:
-          AllowedMethods: [ GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE ]
+          AllowedMethods: [ HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH ]
           TargetOriginId: Dynamic
           ForwardedValues:
             QueryString: true
             Cookies:
-              Forward: "all"
-            Headers:
-              - Authorization
-              - Origin
-              - Referer
+              Forward: "none"
+          DefaultTTL: 3600
           ViewerProtocolPolicy: "redirect-to-https"
 
         CacheBehaviors:
@@ -554,6 +551,20 @@ Resources:
                 - Origin
             ViewerProtocolPolicy: "redirect-to-https"
             MinTTL: '50'
+          - AllowedMethods: [ HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH]
+            PathPattern: admin/*
+            TargetOriginId: Dynamic
+            Compress: true
+            ForwardedValues:
+              QueryString: true
+              Cookies:
+                Forward: 'all'
+              Headers:
+                - Authorization
+                - Origin
+                - Referer
+            ViewerProtocolPolicy: "redirect-to-https"
+            CachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad"
 
   DnsRecord:
     Type: AWS::Route53::RecordSet